Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1941
  • Last Modified:

Email Bounces when sending to Exchange Server using a Frontbridge.com third party filtering software after changes made to PIX inbound SMTP config

Hello, We recently restricted Port 25 inbound access to our mail server from everyone to only giving access to a scope of filtering Frontbridge.com servers configured to relay email for our domain.  We are now receiving emails bounces on people trying to send inbound to our users from certain domains. The MX records for our domain list the Frontbridge.com mail relay when using NSLOOKUP but the bounce back messages have the address of our mail server listed as the target?
 


<user1@mail.org>: delivery temporarily suspended: connect to
    199.92.200.1[199.92.200.1]: Connection timed out


Where 199.92.200.1 is the external address of our email server restricted only to Frontbridge.com.


0
jfexchange
Asked:
jfexchange
  • 4
  • 2
1 Solution
 
vtsincCommented:
Sounds like a mail routing loop - I don't think that message is generated by Exchange itself, rather maybe postfix or similar (whatever Frontbridge runs).  Have you checked the inbound routing configuration on your SMTP virtual server(s) and recipient policies to be sure your domain(s) route inbound??
0
 
jfexchangeAuthor Commented:
On Frontbridge.com our Exchange domains are listed for inbound delievery is this what you are referring to?   Below is error message it is Postfix (what exactly is that?), thanks!



This is a MIME-encapsulated message.

--419474507C7.1110287294/mail41-R-kan.bigfish.com
Content-Description: Notification
Content-Type: text/plain

This is the Postfix program at host mail41-R-kan.bigfish.com.

I'm sorry to have to inform you that your message could not be
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                        The Postfix program

<user1@mail.org>: delivery temporarily suspended: connect to
    199.92.200.1[199.92.200.1]: Connection timed out


--419474507C7.1110287294/mail41-R-kan.bigfish.com
Content-Description: Delivery report
Content-Type: message/delivery-status

Reporting-MTA: dns; mail41-R-kan.bigfish.com
X-Postfix-Queue-ID: 419474507C7
X-Postfix-Sender: rfc822; owner-playbillclub*user1**NPL*-ORG@PEACH.EASE.LSOFT.COM
Arrival-Date: Thu,  3 Mar 2005 13:06:16 +0000 (UCT)

Final-Recipient: rfc822; <user1@mail.org>:
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; delivery temporarily suspended: connect to
    199.95.204.8[199.95.204.8]: Connection timed out

--419474507C7.1110287294/mail41-R-kan.bigfish.com
Content-Description: Undelivered Message
Content-Type: message/rfc822

Received: from mail41-kan.bigfish.com (localhost.localdomain [127.0.0.1])
        by mail41-R-kan.bigfish.com (Postfix) with ESMTP id 419474507C7
        for <user1@mail.org>:>; Thu,  3 Mar 2005 13:06:16 +0000 (UCT)
X-BigFish: vpcs-5(z594k1e24i519izaceTd63haf6IK1580h19b8M11fbP7efIL3338s7fre56m7a2m285ckzz2cfRzzz1iv)
X-CustomSpam: This message was filtered by custom spam filter option - Image links to remote sites
Received: by mail41-kan (MessageSwitch) id 110985517265841_22755; Thu,  3 Mar 2005 13:06:12 +0000 (UCT)
Received: from cherry.ease.lsoft.com (cherry.ease.lsoft.com [209.119.0.109])
        by mail41-kan.bigfish.com (Postfix) with ESMTP id 314454507DC
        for <user1@mail.org>;Thu,  3 Mar 2005 13:06:10 +0000 (UCT)
Received: from PEACH.EASE.LSOFT.COM (209.119.0.61) by cherry.ease.lsoft.com (LSMTP for Digital Unix v1.1b) with SMTP id <13.00FBEA55@cherry.ease.lsoft.com>; Thu, 3 Mar 2005 8:05:04 -0500

Received: by PEACH.EASE.LSOFT.COM (LISTSERV-TCP/IP release 14.3) with spool id
          60106719 for PLAYBILLCLUB@PEACH.EASE.LSOFT.COM; Thu, 3 Mar 2005
          08:04:47 -0500
Approved-By: clubmanager@PLAYBILL.COM
Received: from 64.52.72.130 by WALNUT.EASE.LSOFT.COM (SMTPL release 1.0l) with
          TCP; Thu, 3 Mar 2005 07:57:34 -0500
Received: from [68.175.88.191] (HELO playbill.com) by playbill.com (CommuniGate
          Pro SMTP 4.1.3) with ESMTP id 2655556 for
          playbillclub@peach.ease.lsoft.com; Thu, 03 Mar 2005 07:57:33 -0500
User-Agent: Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:1.0.2) Gecko/20030208
            Netscape/7.02
X-Accept-Language: en-us, en
MIME-Version: 1.0
Content-Type: multipart/alternative;
              boundary="------------050200020301070001060103"
Message-ID:  <422709BF.60608@playbill.com>
Date:         Thu, 3 Mar 2005 07:57:35 -0500
Reply-To: clubmanager@playbill.com
Sender: Playbill On-Line's weekly newsletter <PLAYBILLCLUB@PEACH.EASE.LSOFT.COM>
From: Playbill Club Manager <clubmanager@PLAYBILL.COM>
Subject: A Star-Studded "Streetcar" on B'way - Save 35% with Playbill!
To: PLAYBILLCLUB@PEACH.EASE.LSOFT.COM
Precedence: list

--------------050200020301070001060103

0
 
vtsincCommented:
delivery temporarily suspended: connect to
    199.92.200.1[199.92.200.1]: Connection timed out

The timeout makes me think that either your mail server SMTP service is not running, or it is not accepting the connection from Frontbridge.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
vtsincCommented:
I see you mentioned the PIX and suspect that may well be where the problem lies.
0
 
jfexchangeAuthor Commented:
I believe this was the catalyst of the problem, when inbound access through the firewall wa unrestricted on port 25 we did not recieve the bounces.  Once the scope was restricted to Frontbringe.com servers they started to occur.  I can reopen that access again and I think it would correct the issue, though I would prefer not to and find out why it is occuring, when MX records for our domain list frontbridge.com?
0
 
vtsincCommented:
My guess is that your mail is getting to Frontbridge but the PIX is not allowing thier servers to relay in to your in-house server.  Your PIX administrator should be able to check the logs and see what IP addresses are being rejected on port 25 - that would tell you what you need to open on the PIX to allow Frontbridge through while rejecting all others.  For the moment I would open the PIX to all on port 25, and if you do not have ready access to the PIX you can then look in your own mail server SMTPSVC logs (if enabled) to determine what IPs Frontbridge is using to relay in to you.

The logs would probably be under c:\%windir$%\system32\logfiles\smtpsvcx\

Hope this helps!
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now